10.9.2
11 years ago
8 days ago
Known vulnerabilities in the npm package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
npm is a package manager for JavaScript. Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File. The CLI supports URLs like How to fix Insertion of Sensitive Information into Log File? Upgrade | <6.14.6 |
npm is a package manager for JavaScript. Affected versions of this package are vulnerable to Arbitrary File Write. It fails to prevent access to folders outside of the intended For How to fix Arbitrary File Write? Upgrade | <6.13.3 |
npm is a package manager for JavaScript. Affected versions of this package are vulnerable to Unauthorized File Access. It is possible for packages to create symlinks to files outside of the For How to fix Unauthorized File Access? Upgrade | <6.13.3 |
npm is a package manager for JavaScript. Affected versions of this package are vulnerable to Arbitrary File Overwrite. It fails to prevent existing globally-installed binaries to be overwritten by other package installations. For example, if a package was installed globally and created a For How to fix Arbitrary File Overwrite? Upgrade | <6.13.4 |
npm is a package manager for JavaScript. Affected versions of this package are vulnerable to Access Restriction Bypass. It might allow local users to bypass intended filesystem access restrictions due to ownerships of How to fix Access Restriction Bypass? Upgrade | <5.7.1 |